Unrated severityNVD Advisory· Published Mar 10, 2010· Updated Apr 29, 2026

CVE-2010-0728

Description

smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRIDE capability, which allows remote authenticated users to bypass intended file permissions via standard filesystem operations with any client.

Affected products

Samba (software)/Samba3 versions
cpe:2.3:a:samba:samba:3.3.11:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:samba:samba:3.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.4.6:*:*:*:*:*:*:*
- cpe:2.3:a:samba:samba:3.5.0:*:*:*:*:*:*:*
osv-coords2 versions
pkg:rpm/opensuse/cifs-utils&distro=openSUSE%20Tumbleweed pkg:rpm/opensuse/samba&distro=openSUSE%20Tumbleweed
< 6.5-1.5+ 1 more
- (no CPE)range: < 6.5-1.5
- (no CPE)range: < 4.5.0-1.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

lists.samba.org/archive/samba-announce/2010/000211.htmlnvdVendor Advisory
www.samba.org/samba/security/CVE-2010-0728nvdVendor Advisory
www.samba.org/samba/history/samba-3.3.12.htmlnvd
www.samba.org/samba/history/samba-3.4.7.htmlnvd
www.samba.org/samba/history/samba-3.5.1.htmlnvd
bugzilla.samba.org/show_bug.cginvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000